summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--lib/nickserver/server.rb69
-rw-r--r--test/files/bananas@localhost3
-rw-r--r--test/test_helper.rb14
-rw-r--r--test/unit/hkp_test.rb12
-rw-r--r--test/unit/nickserver_test.rb107
-rw-r--r--test/unit/server_test.rb30
6 files changed, 178 insertions, 57 deletions
diff --git a/lib/nickserver/server.rb b/lib/nickserver/server.rb
index 21975d4..7e79b98 100644
--- a/lib/nickserver/server.rb
+++ b/lib/nickserver/server.rb
@@ -1,13 +1,10 @@
require 'eventmachine'
require 'evma_httpserver'
+require 'json'
#
# This is the main HTTP server that clients connect to in order to fetch keys
#
-# For now, its API is very simple:
-#
-# GET /keys/<uid> --> returns OpenPGP key for uid.
-#
module Nickserver
class Server < EM::Connection
include EM::HttpServer
@@ -21,6 +18,7 @@ module Nickserver
# * :host (default 0.0.0.0)
#
def self.start(opts={})
+ Nickserver::Config.load
options = {:host => '0.0.0.0', :port => Nickserver::Config.port}.merge(opts)
EM.start_server options[:host], options[:port], Nickserver::Server
end
@@ -31,14 +29,11 @@ module Nickserver
end
def process_http_request
- if @http_request_method == "GET"
- if @http_path_info =~ /^\/key\//
- send_key
- else
- send_error("malformed path: #{@http_path_info}")
- end
+ uid = get_uid_from_request
+ if uid.nil?
+ send_not_found
else
- send_error("only GET is supported")
+ send_key(uid)
end
end
@@ -48,6 +43,10 @@ module Nickserver
send_response(:status => 500, :content => msg)
end
+ def send_not_found(msg = "not found")
+ send_response(:status => 404, :content => msg)
+ end
+
def send_response(opts = {})
options = {:status => 200, :content_type => 'text/plain', :content => ''}.merge(opts)
response = EM::DelegatedHttpResponse.new(self)
@@ -57,19 +56,51 @@ module Nickserver
response.send_response
end
- def send_key
- uid = CGI.unescape @http_path_info.sub(/^\/key\/(.*)/, '\1')
+ def send_key(uid)
get_key_from_uid(uid) do |key|
- send_response(:content => key)
+ send_response :content => format_response(:address => uid, :openpgp => key)
+ end
+ end
+
+ def get_uid_from_request
+ if @http_query_string
+ params = CGI.parse(@http_query_string)
+ elsif @http_post_content
+ params = CGI.parse(@http_post_content)
+ end
+ if params["address"] && params["address"].any?
+ return params["address"].first
end
end
def get_key_from_uid(uid)
- Nickserver::HKP::FetchKey.new.get(uid).callback {|key|
- yield key
- }.errback {|status|
- send_response(:status => status, :content => 'could not fetch key')
- }
+ if local_address?(uid)
+ send_not_found
+ else
+ Nickserver::HKP::FetchKey.new.get(uid).callback {|key|
+ yield key
+ }.errback {|status|
+ send_response(:status => status, :content => 'could not fetch key')
+ }
+ end
+ end
+
+ def format_response(map)
+ map.to_json
+ end
+
+ #
+ # Return true if the user address is for a user of this service provider.
+ # e.g. if the provider is example.org, then alice@example.org returns true.
+ #
+ # Currently, we rely on whatever hostname the client voluntarily specifies
+ # in the headers of the http request.
+ #
+ def local_address?(uid)
+ hostname = @http_headers.split(/\0/).grep(/^Host: /).first.split(':')[1].strip.sub(/^nicknym\./, '')
+ return uid =~ /^.*@#{Regexp.escape(hostname)}$/
+ #rescue
+ # false
end
end
end \ No newline at end of file
diff --git a/test/files/bananas@localhost b/test/files/bananas@localhost
new file mode 100644
index 0000000..69df2bf
--- /dev/null
+++ b/test/files/bananas@localhost
@@ -0,0 +1,3 @@
+{
+ "openpgp": "hi"
+} \ No newline at end of file
diff --git a/test/test_helper.rb b/test/test_helper.rb
index 517ae78..634f1a3 100644
--- a/test/test_helper.rb
+++ b/test/test_helper.rb
@@ -9,6 +9,8 @@ class MiniTest::Unit::TestCase
# Add global extensions to the test case class here
def setup
+ Nickserver::Config.load
+
# by default, mock all non-localhost network connections
WebMock.disable_net_connect!(:allow_localhost => true)
end
@@ -25,18 +27,26 @@ class MiniTest::Unit::TestCase
end
end
- def stub_vindex_response(uid, opts = {})
+ def stub_sks_vindex_reponse(uid, opts = {})
options = {:status => 200, :body => ""}.merge(opts)
stub_http_request(:get, Nickserver::Config.sks_url).with(
:query => {:op => 'vindex', :search => uid, :exact => 'on', :options => 'mr', :fingerprint => 'on'}
).to_return(options)
end
- def stub_get_response(key_id, opts = {})
+ def stub_sks_get_reponse(key_id, opts = {})
options = {:status => 200, :body => ""}.merge(opts)
stub_http_request(:get, Nickserver::Config.sks_url).with(
:query => {:op => 'get', :search => "0x"+key_id, :exact => 'on', :options => 'mr'}
).to_return(options)
end
+ def stub_couch_response(uid, opts = {})
+ options = {:status => 200, :body => ""}.merge(opts)
+ url = ['http://', Nickserver::Config.couch_host, ':', Nickserver::Config.couch_port].join
+ stub_http_request(:get, url).with(
+ :query => {:address => uid}
+ ).to_return(options)
+ end
+
end
diff --git a/test/unit/hkp_test.rb b/test/unit/hkp_test.rb
index c9c28cf..1b7b2c9 100644
--- a/test/unit/hkp_test.rb
+++ b/test/unit/hkp_test.rb
@@ -28,7 +28,7 @@ class HkpTest < MiniTest::Unit::TestCase
def test_key_info_not_found
uid = 'leaping_lemur@leap.se'
- stub_vindex_response(uid, :status => 404)
+ stub_sks_vindex_reponse(uid, :status => 404)
test_em_errback "Nickserver::HKP::FetchKeyInfo.new.search '#{uid}'" do |error|
assert_equal 404, error
end
@@ -47,8 +47,8 @@ class HkpTest < MiniTest::Unit::TestCase
def test_fetch_key
uid = 'cloudadmin@leap.se'
key_id = 'E818C478D3141282F7590D29D041EB11B1647490'
- stub_vindex_response(uid, :body => file_content(:leap_vindex_result))
- stub_get_response(key_id, :body => file_content(:leap_public_key))
+ stub_sks_vindex_reponse(uid, :body => file_content(:leap_vindex_result))
+ stub_sks_get_reponse(key_id, :body => file_content(:leap_public_key))
test_em_callback "Nickserver::HKP::FetchKey.new.get '#{uid}'" do |key_text|
assert_equal file_content(:leap_public_key), key_text
@@ -59,8 +59,8 @@ class HkpTest < MiniTest::Unit::TestCase
uid = 'cloudadmin@leap.se'
key_id = 'E818C478D3141282F7590D29D041EB11B1647490'
- stub_vindex_response(uid, :body => file_content(:leap_vindex_result))
- stub_get_response(key_id, :status => 404)
+ stub_sks_vindex_reponse(uid, :body => file_content(:leap_vindex_result))
+ stub_sks_get_reponse(key_id, :status => 404)
test_em_errback "Nickserver::HKP::FetchKey.new.get '#{uid}'" do |error|
assert_equal 404, error
@@ -113,7 +113,7 @@ class HkpTest < MiniTest::Unit::TestCase
end
def fetch_key_info(body_source, uid, &block)
- stub_vindex_response(uid, :body => file_content(body_source))
+ stub_sks_vindex_reponse(uid, :body => file_content(body_source))
test_em_callback "Nickserver::HKP::FetchKeyInfo.new.search '#{uid}'", &block
end
diff --git a/test/unit/nickserver_test.rb b/test/unit/nickserver_test.rb
new file mode 100644
index 0000000..5753ec3
--- /dev/null
+++ b/test/unit/nickserver_test.rb
@@ -0,0 +1,107 @@
+require File.expand_path('test_helper', File.dirname(__FILE__))
+require 'json'
+
+class NickserverTest < MiniTest::Unit::TestCase
+
+ def test_GET_served_via_SKS
+ uid = 'cloudadmin@leap.se'
+ key_id = 'E818C478D3141282F7590D29D041EB11B1647490'
+ stub_sks_vindex_reponse(uid, :body => file_content(:leap_vindex_result))
+ stub_sks_get_reponse(key_id, :body => file_content(:leap_public_key))
+
+ start do
+ params = {:query => {"address" => uid}}
+ get(params) do |http|
+ assert_equal file_content(:leap_public_key), JSON.parse(http.response)["openpgp"]
+ stop
+ end
+ end
+ end
+
+ def test_POST_served_via_SKS
+ uid = 'cloudadmin@leap.se'
+ key_id = 'E818C478D3141282F7590D29D041EB11B1647490'
+ stub_sks_vindex_reponse(uid, :body => file_content(:leap_vindex_result))
+ stub_sks_get_reponse(key_id, :body => file_content(:leap_public_key))
+
+ start do
+ params = {:body => {"address" => uid}}
+ post(params) do |http|
+ assert_equal file_content(:leap_public_key), JSON.parse(http.response)["openpgp"]
+ stop
+ end
+ end
+ end
+
+ def test_GET_served_via_couch_not_found
+ uid = 'bananas@localhost'
+ key_id = 'E818C478D3141282F7590D29D041EB11B1647490'
+ stub_couch_response(uid, :body => file_content(uid))
+
+ start do
+ params = {:query => {"address" => uid}}
+ get(params) do |http|
+ assert_equal 404, http.response_header.status
+ stop
+ end
+ end
+ end
+
+ protected
+
+ #
+ # start nickserver
+ #
+ def start(timeout = 1)
+ Timeout::timeout(timeout) do
+ EM.run do
+ Nickserver::Server.start
+ EM.epoll
+ yield
+ end
+ end
+ rescue Timeout::Error
+ flunk 'Eventmachine was not stopped before the timeout expired'
+ end
+
+ #
+ # http GET requests to nickserver
+ #
+ def get(params, &block)
+ request(:get, params, &block)
+ end
+
+ #
+ # http POST requests to nickserver
+ #
+ def post(params, &block)
+ request(:post, params, &block)
+ end
+
+ #
+ # http request to nickserver
+ #
+ # this works because http requests to localhost are not stubbed, but requests to other domains are.
+ #
+ def request(method, params)
+ http = EventMachine::HttpRequest.new("http://localhost:#{Nickserver::Config.port}/").send(method,params)
+
+ http.callback {
+ # p http.response_header.status
+ # p http.response_header
+ # p http.response
+ yield http
+ }.errback {
+ flunk(http.error) if http.error
+ EM.stop
+ }
+ end
+
+ #
+ # stop nickserver
+ #
+ def stop
+ EM.stop
+ end
+
+end
diff --git a/test/unit/server_test.rb b/test/unit/server_test.rb
deleted file mode 100644
index 5a6bd8d..0000000
--- a/test/unit/server_test.rb
+++ /dev/null
@@ -1,30 +0,0 @@
-require File.expand_path('test_helper', File.dirname(__FILE__))
-
-class ServerTest < MiniTest::Unit::TestCase
-
- #
- # this test works because http requests to localhost are not stubbed, but requests to other domains are.
- #
- def test_server
- uid = 'cloudadmin@leap.se'
- key_id = 'E818C478D3141282F7590D29D041EB11B1647490'
- stub_vindex_response(uid, :body => file_content(:leap_vindex_result))
- stub_get_response(key_id, :body => file_content(:leap_public_key))
-
- EM.run do
- Nickserver::Server.start
- params = {:query => {}, :path => "key/#{CGI.escape(uid)}"}
- http = EventMachine::HttpRequest.new("http://localhost:#{Nickserver::Config.port}").get(params)
- http.callback {
- assert_equal file_content(:leap_public_key), http.response
- EM.stop
- return
- }.errback {
- flunk http.error
- EM.stop
- }
- end
- flunk 'should not get here'
- end
-
-end